Merge pull request #74 from WalkerWatch/master
Doc update for KEYCLOAK-4108
This commit is contained in:
Stian Thorgersen
GitHub
commit
c492e21ec5
1 changed files with 23 additions and 25 deletions
|
|
@ -2,44 +2,42 @@
|
|||
[[_jetty9_adapter]]
|
||||
==== Jetty 9.x Adapters
|
||||
|
||||
Keycloak has a separate adapter for Jetty 9.1.x and Jetty 9.2.x that you will have to install into your Jetty installation.
|
||||
Keycloak has a separate adapter for Jetty 9.1.x, Jetty 9.2.x and Jetty 9.3.x that you will have to install into your Jetty installation.
|
||||
You then have to provide some extra configuration in each WAR you deploy to Jetty.
|
||||
Let's go over these steps.
|
||||
Let's go over these steps.
|
||||
|
||||
[[_jetty9_adapter_installation]]
|
||||
===== Adapter Installation
|
||||
|
||||
Adapters are no longer included with the appliance or war distribution.Each adapter is a separate download on the Keycloak download site.
|
||||
They are also available as a maven artifact.
|
||||
|
||||
You must unzip the Jetty 9.x distro into Jetty 9.x's root directory.
|
||||
Including adapter's jars within your WEB-INF/lib directory will not work!
|
||||
|
||||
|
||||
[source]
|
||||
----
|
||||
|
||||
$ cd $JETTY_HOME
|
||||
$ unzip keycloak-jetty92-adapter-dist.zip
|
||||
----
|
||||
|
||||
Next, you will have to enable the keycloak module for your jetty.base.
|
||||
They are also available as a maven artifact.
|
||||
|
||||
You must unzip the Jetty 9.x distro into Jetty 9.x's link:https://www.eclipse.org/jetty/documentation/current/startup-base-and-home.html[base directory.]
|
||||
Including adapter's jars within your WEB-INF/lib directory will not work!
|
||||
In the example below, the Jetty base is named `your-base`:
|
||||
|
||||
[source]
|
||||
----
|
||||
|
||||
$ cd your-base
|
||||
$ unzip keycloak-jetty93-adapter-dist-2.5.0.Final.zip
|
||||
----
|
||||
|
||||
Next, you will have to enable the `keycloak` module for your Jetty base:
|
||||
|
||||
[source]
|
||||
----
|
||||
|
||||
$ java -jar $JETTY_HOME/start.jar --add-to-startd=keycloak
|
||||
----
|
||||
----
|
||||
|
||||
[[_jetty9_per_war]]
|
||||
===== Required Per WAR Configuration
|
||||
|
||||
This section describes how to secure a WAR directly by adding config and editing files within your WAR package.
|
||||
This section describes how to secure a WAR directly by adding config and editing files within your WAR package.
|
||||
|
||||
The first thing you must do is create a `WEB-INF/jetty-web.xml` file in your WAR package.
|
||||
This is a Jetty specific config file and you must define a Keycloak specific authenticator within it.
|
||||
This is a Jetty specific config file and you must define a Keycloak specific authenticator within it.
|
||||
|
||||
[source]
|
||||
----
|
||||
|
|
@ -62,10 +60,10 @@ Next you must create a `keycloak.json` adapter config file within the `WEB-INF`
|
|||
The format of this config file is describe in the <<fake/../java-adapter-config.adoc#_java_adapter_config,Java adapter configuration>> section.
|
||||
|
||||
WARNING: The Jetty 9.1.x adapter will not be able to find the `keycloak.json` file.
|
||||
You will have to define all adapter settings within the `jetty-web.xml` file as described below.
|
||||
You will have to define all adapter settings within the `jetty-web.xml` file as described below.
|
||||
|
||||
Instead of using keycloak.json, you can define everything within the `jetty-web.xml`.
|
||||
You'll just have to figure out how the json settings match to the `org.keycloak.representations.adapters.config.AdapterConfig` class.
|
||||
You'll just have to figure out how the json settings match to the `org.keycloak.representations.adapters.config.AdapterConfig` class.
|
||||
|
||||
|
||||
[source]
|
||||
|
|
@ -98,15 +96,15 @@ You'll just have to figure out how the json settings match to the `org.keycloak.
|
|||
</Set>
|
||||
</Get>
|
||||
</Configure>
|
||||
----
|
||||
----
|
||||
|
||||
You do not have to crack open your WAR to secure it with keycloak.
|
||||
Instead create the jetty-web.xml file in your webapps directory with the name of yourwar.xml.
|
||||
Jetty should pick it up.
|
||||
In this mode, you'll have to declare keycloak.json configuration directly within the xml file.
|
||||
In this mode, you'll have to declare keycloak.json configuration directly within the xml file.
|
||||
|
||||
Finally you must specify both a `login-config` and use standard servlet security to specify role-base constraints on your URLs.
|
||||
Here's an example:
|
||||
Here's an example:
|
||||
|
||||
|
||||
[source]
|
||||
|
|
@ -145,4 +143,4 @@ Here's an example:
|
|||
<role-name>user</role-name>
|
||||
</security-role>
|
||||
</web-app>
|
||||
----
|
||||
----
|
||||
|
|
|
|||
Loading…
Reference in a new issue